Search form

Drupal security

The Payment Card Industry (PCI) has defined a number of Data Security Standards when accepting sensitive information such as credit card numbers over the web. While these are not Drupal-specific, they are important for any Drupal developer of site administrator of an e-commerce site to be aware of.

Coder Review is a useful modules for identifying potential security issues, however it is not part of the Guardr distribution. Guardr is intended to be part of a layered sub-distribution. Due to a bug in Drupal 7, using drush with coder_review installed in more than one directory can cause fatal conflicts. It is recommended to add Coder to your installation.

Not all contributed modules pre-process usernames with functions like theme_username() before outputting the username value. For Drupal installations which consider the username to be confidential information, Real Name cannot perform a universal operation to hide the base username.